Satellite dishes are seen at GCHQ's outpost at Bude, close to where trans-Atlantic fibre-optic cables come ashore in Cornwall, southwest England (Reuters/Kieran Doherty) / Reuters

The UK’s electronic spying agency has been using a spoof version of LinkedIn professional social network's website to target global roaming data exchange companies as well as senior management in the OPEC oil cartel, according to a Der Spiegel report.

The Government Communications Headquarters has implemented a
technique known as Quantum Insert, placing its servers in
strategic spots where they could intercept and redirect target
traffic to a fake website faster than the legitimate service
could respond.

A similar technique was used earlier this year to inject malware
into the systems of BICS, a subsidiary of Belgian state-owned
telecommunications company Belgacom, which is another major GRX
provider.

In the Belgacom scandal first it was unclear where the attacks were coming from. Then
documents from Snowden’s collection revealed that the surveillance attack probably
emanated from the British GCHQ – and that British intelligence
had palmed off spyware on several Belgacom employees.

The Global Roaming Exchange (GRX) is a service which allows
mobile data providers to exchange roaming traffic of their
user with other providers. There are only a few dozen
companies providing such services globally.

Now it turns out the GCHQ was also targeting networking,
maintenance and security personnel of another two companies,
Comfone and Mach, according to new leaks published in the German
magazine by Laura Poitras, one of few journalists believed to have
access to all documents stolen by Snowden from the NSA.

Through the Quantum Insert method, GCHQ has managed to infiltrate
the systems of targeted Mach employees and successfully procured
detailed knowledge of the company’s communications
infrastructure, business, and personal information of several
important figures.

A spokesman for ‘Starhome Mach’, a Mach-successor company, said
it would launch “a comprehensive safety inspection with
immediate effect.”

The Organization of Petroleum Exporting Countries was yet another
target of the Quantum Insert attack, according to the report.
According to a leaked document, it was in 2010 that GCHQ managed
to infiltrate the computers of nine OPEC employees. The spying
agency reportedly succeeded in penetrating the operating space of
the OPEC Secretary-General and also managed to spy the on Saudi
Arabian OPEC governor, the report suggests.

LinkedIn is currently the largest network for creating and
maintaining business contacts. According to its own data the
company has nearly 260 million registered users in more than 200
countries. When contacted by The Independent, a LinkedIn
spokesman said that the company was “never told about this
alleged activity” and it would “never approve of it,
irrespective of what purpose it was used for.”

According to a cryptographer and security expert Bruce Schneier,
Quantum Insert attacks are hard for anyone except the NSA to execute,
because for that one would need to “to have a privileged
position on the Internet backbone.”

The latest details of GCHQ’s partnership with the NSA were
revealed just last week, after the reports emerged that GCHQ was
feeding the NSA with the internal information intercepted from Google and Yahoo’s private
networks.

The head of GCHQ, Sir Ian Lobban, lashed out at the global media for the coverage of
Edward Snowden’s leaks, claiming it has made it “far
harder” for years to come to search for “needles and
fragments of needles” in “an enormous hay field” of
the Internet.

However, the intelligence chiefs failed to address public fears
that Britain’s intelligence agencies are unaccountable and are
operating outside the law.